Description
Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system.
Remediation
References
http://www.securityfocus.com/bid/108045
https://jenkins.io/security/advisory/2019-04-17/#SECURITY-844
Related Vulnerabilities
CVE-2021-34078 Vulnerability in npm package lifion-verify-deps
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-elastic-udfs-parent
CVE-2023-45648 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2022-24431 Vulnerability in npm package abacus-ext-cmdline
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:manager-pojo